Optimizing Memory-Corruption Security Defenses for Real-Time Systems

Real-Time Systems (RTSs) frequently suffer from memory-corruption attacks. Compared to general-purpose systems, RTSs differ because of their scheduling requirements. For this reason, many modern-day security defenses are not compatible with RTSs or impose too much performance overhead to be schedulable. This thesis presents a new Mixed Integer Linear Programming optimization algorithm — Defense Optimization Algorithm for Real-time system Memory-Corruption Security (DOARMS) — that determines the optimal, yet schedulable, set of defenses to protect RTSs against memory-corruption attacks. Experiments using DOARMS showed that 71% or less utilization is needed for ideal security coverage with the defenses considered and that the algorithm produced better results than selecting the defenses with the best security coverage. A case-study using a smaller subset of defenses also showed that using worst-case instead of average-case performance overheads for defenses leads to lower security coverage, and that more work is needed to quantify the worst-case performance overheads. DOARMS also supports optional weights representing the importance of security for each task and prioritizes the security of the tasks according to those weights. The runtime performance of the algorithm is reasonable with a single optimization taking an average of ∼ 14s and a maximum of ∼ 114s to run, making it a useful tool to help RTS designers secure their RTSs from memory-corruption attacks.

Bibliographic Details
Main Author: Horne, Amanda
Other Authors: Ward, Bryan
Format: Thesis
Degree: M.Eng. S.B.
Department: Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Published: Massachusetts Institute of Technology 2022
Rights: In Copyright - Educational Use Permitted (http://rightsstatements.org/page/InC-EDU/1.0/)
Online Access: https://hdl.handle.net/1721.1/144658